Puppet Enterprise 2016.x < 2016.4.12 / 2017.x < 2017.3.7 / 2018.x < 2018.1.1 Arbitrary Code Execution Vulnerability
Medium Nessus Plugin ID 129760
Synopsis
A web application running on the remote host is affected by a code execution vulnerability.
Description
A remote code execution vulnerability exists in Windows Agents due to a privilege escalation vulnerability associated with shared libraries from untrusted paths. An authenticated, unprivileged local attacker can write custom facts which escalate privileges on the next Puppet run. (CVE-2018-6513)
Solution
Upgrade to Puppet Enterprise version 2016.4.12 / 2017.3.7 / 2018.1.1 or later.